EUVD-2024-22954

Malicious code in bioql PyPI...

CVE-2024-25636

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a Content-Type header value of the Activity Streams media type, whi...

CVE-2024-37027

Improper Input validation in some IntelR VTuneTM Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2024-36245

Uncontrolled search path element in some IntelR VTuneTM Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

Intel VTune Profiler 输入验证错误漏洞

Intel VTune Profiler is a performance testing tool for optimized software from Intel USA. The software performs performance testing of IoT embedded applications, media software, Java applications, and high-performance computing applications. An input validation error vulnerability exists in Intel...

Intel VTune Profiler 代码问题漏洞

Intel VTune Profiler is a performance testing tool for optimized software from Intel USA. The software performs performance testing of IoT embedded applications, media software, Java applications, and high-performance computing applications. A code issue vulnerability exists in Intel VTune Profil...

PT-2024-27250 · Intel · Intel Vtune Profiler

Name of the Vulnerable Software and Affected Versions: IntelR VTuneTM Profiler versions prior to 2024.2.0 Description: The issue is related to improper input validation, which may allow an authenticated user to potentially enable denial of service via local access. Recommendations: For versions...

PT-2024-7629 · Sophos · Sophos Intercept X

Name of the Vulnerable Software and Affected Versions: Sophos Intercept X for Windows with Central Device Encryption versions 2024.2.0 and earlier Description: A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption allows writing of arbitrary...

CVE-2024-3995

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

CVE-2024-3995 Command Injection in Helix ALM

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

CVE-2024-3995 Command Injection in Helix ALM

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

Perforce Helix ALM Security Vulnerability

Perforce Helix ALM is an application lifecycle management software from Perforce. A security vulnerability exists in Perforce Helix ALM versions prior to 2024.2.0 that stems from the presence of local command injection...

PT-2024-21634 · Esphome · Esphome

Name of the Vulnerable Software and Affected Versions: ESPHome versions 2023.12.9 through 2024.2.0 Description: A security misconfiguration in the edit configuration file API in the dashboard component of ESPHome allows authenticated remote attackers to read and write arbitrary files under the...

Design/Logic Flaw

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a Content-Type header value of the Activity Streams media type, whi...

Misskey Code Issues Vulnerabilities

Misskey is a suite of micro-blogging platforms. A code issue vulnerability exists in Misskey versions prior to 2024.2.0. An attacker exploited the vulnerability to impersonate and take over an account on a remote server...

Upcoming changes in XenCenter

To provide you with greater security, the Citrix Insight Services CIS website has extended its multi-factor authentication requirement to applications, like XenCenter, that use the API to upload data. As a result, we are making changes to how XenCenter interacts with CIS. Important : XenCenter...